Environment Variables

Overview

EpiNeko requires environment variables for Supabase authentication and database connectivity. All variables must be configured before running the application.

Never commit .env.local or any file containing actual credentials to version control. Keep your secrets secure!

Required Variables

Supabase Configuration

NEXT_PUBLIC_SUPABASE_URL

Required: Yes
Type: Public
Description: Your Supabase project URL

NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co

Where to find it:

Go to your Supabase Dashboard
Select your project
Navigate to Settings → API
Copy the “Project URL”

The NEXT_PUBLIC_ prefix makes this variable accessible in client-side code.

NEXT_PUBLIC_SUPABASE_ANON_KEY

Required: Yes
Type: Public
Description: Your Supabase anonymous/public API key

NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Where to find it:

Go to your Supabase Dashboard
Select your project
Navigate to Settings → API
Copy the “anon public” key under Project API keys

This key is safe to use in client-side code as it’s restricted by Row Level Security (RLS) policies.

Environment File Setup

Create .env.local

Create a .env.local file in the root of your project:

Create the file

touch .env.local

Add configuration

.env.local

# Supabase Configuration
NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
NEXT_PUBLIC_SUPABASE_ANON_KEY=your-anon-key-here

Restart development server

npm run dev

Environment variables are loaded on server start.

Example Configuration

.env.local

# ==================================
# Supabase Configuration
# ==================================
NEXT_PUBLIC_SUPABASE_URL=https://xyzcompany.supabase.co
NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Inh5emNvbXBhbnkiLCJyb2xlIjoiYW5vbiIsImlhdCI6MTYxNTIxOTIwMywiZXhwIjoxOTMwNzk1MjAzfQ.example-key-do-not-use

Variable Usage in Code

Client-Side Usage

Variables prefixed with NEXT_PUBLIC_ are accessible in browser code:

src/utils/supabase/client.ts

export function createClient() {
  const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL;
  const supabaseKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY;

  if (!supabaseUrl || !supabaseKey) {
    throw new Error('Missing Supabase environment variables');
  }

  return createBrowserClient(supabaseUrl, supabaseKey);
}

Server-Side Usage

Server components and API routes can access all environment variables:

src/utils/supabase/server.ts

export async function createClient() {
  return createServerClient(
    process.env.NEXT_PUBLIC_SUPABASE_URL!,
    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
    {
      cookies: {
        // Cookie configuration
      },
    }
  );
}

Middleware Usage

The middleware also accesses public environment variables:

src/utils/supabase/middleware.ts

const supabase = createServerClient(
  process.env.NEXT_PUBLIC_SUPABASE_URL!,
  process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
  {
    cookies: {
      // Cookie configuration
    },
  }
);

Validation

Runtime Validation

The application validates required environment variables at runtime:

if (!supabaseUrl || !supabaseKey) {
  throw new Error(
    'Missing Supabase environment variables: ' +
    'NEXT_PUBLIC_SUPABASE_URL or NEXT_PUBLIC_SUPABASE_ANON_KEY'
  );
}

Check Before Starting

Verify your configuration before running the app:

# Check if variables are set
echo $NEXT_PUBLIC_SUPABASE_URL
echo $NEXT_PUBLIC_SUPABASE_ANON_KEY

Deployment Configuration

Vercel

Navigate to project settings

Go to your Vercel project → Settings → Environment Variables

Add variables

Add each variable with appropriate values:

NEXT_PUBLIC_SUPABASE_URL
NEXT_PUBLIC_SUPABASE_ANON_KEY

Select environments

Choose which environments need the variables:

Production
Preview
Development

Redeploy

Trigger a new deployment for changes to take effect

Use different Supabase projects for production and development environments for better isolation.

Security Best Practices

Never Commit Secrets

Add .env.local to .gitignore

Use RLS Policies

Protect data with Row Level Security

Rotate Keys Regularly

Update API keys periodically

Environment Separation

Use different keys for dev/staging/prod

.gitignore Configuration

Ensure your .gitignore includes:

.gitignore

# Environment variables
.env
.env.local
.env.*.local
.env.development.local
.env.test.local
.env.production.local

Troubleshooting

Error: Missing Supabase environment variables

Cause: Environment variables are not set or not accessible.Solution:

Verify .env.local exists in project root
Check variable names match exactly (case-sensitive)
Restart development server after adding variables
Ensure no extra spaces around = sign

# ✅ Correct
NEXT_PUBLIC_SUPABASE_URL=https://example.supabase.co

# ❌ Incorrect
NEXT_PUBLIC_SUPABASE_URL = https://example.supabase.co

Variables not updating after changes

Cause: Development server needs restart to load new environment variables.Solution:

Stop the development server (Ctrl+C)
Start it again: npm run dev
Clear Next.js cache if needed: rm -rf .next

Undefined environment variables in client code

Cause: Variables without NEXT_PUBLIC_ prefix are not exposed to the browser.Solution:

Ensure all client-side variables have NEXT_PUBLIC_ prefix
Server-only secrets should NOT have this prefix
Rebuild after adding the prefix

Authentication errors after deployment

Cause: Environment variables not configured in deployment platform.Solution:

Check Vercel/deployment platform settings
Verify all variables are added
Ensure correct environment is selected
Redeploy after adding variables

Additional Configuration

Optional Enhancements

While not currently used, you might want to add these for enhanced functionality:

NEXT_PUBLIC_SITE_URL

NEXT_PUBLIC_SITE_URL=https://your-app.vercel.app

Useful for:

OAuth redirect URLs
Email confirmation links
Absolute URL generation

SUPABASE_SERVICE_ROLE_KEY

SUPABASE_SERVICE_ROLE_KEY=your-service-role-key

This key bypasses Row Level Security. Only use in server-side code, never expose to client!

Useful for:

Admin operations
Bulk data operations
Bypassing RLS for migrations

Environment Variable Checklist

Use this checklist when setting up a new environment:

Created .env.local file in project root
Added NEXT_PUBLIC_SUPABASE_URL with correct project URL
Added NEXT_PUBLIC_SUPABASE_ANON_KEY with anon key from Supabase
Verified .env.local is in .gitignore
Restarted development server
Tested authentication flow
Configured production environment variables in Vercel
Verified production deployment works

Deployment Guide

Deploy with environment variables

Services

Learn how services use variables

Supabase Setup

Initial Supabase configuration

Architecture

Deployment

​Overview

​Required Variables

​Supabase Configuration

​Environment File Setup

​Create .env.local

​Example Configuration

​Variable Usage in Code

​Client-Side Usage

​Server-Side Usage

​Middleware Usage

​Validation

​Runtime Validation

​Check Before Starting

​Deployment Configuration

​Vercel

​Security Best Practices

Never Commit Secrets

Use RLS Policies

Rotate Keys Regularly

Environment Separation

​.gitignore Configuration

​Troubleshooting

​Additional Configuration

​Optional Enhancements

​Environment Variable Checklist

​Related Documentation

Deployment Guide

Services

Supabase Setup

Overview

Required Variables

Supabase Configuration

Environment File Setup

Create .env.local

Example Configuration

Variable Usage in Code

Client-Side Usage

Server-Side Usage

Middleware Usage

Validation

Runtime Validation

Check Before Starting

Deployment Configuration

Vercel

Security Best Practices

.gitignore Configuration

Troubleshooting

Additional Configuration

Optional Enhancements

Environment Variable Checklist

Related Documentation